![]() ![]() This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.Ĭopy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.Ī race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.Ī race condition was found in the Linux kernel's bluetooth device driver in _age_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.Ī race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. ![]() ![]() Printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.Ī memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.Ĭreate_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.Ī race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c. In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |